package com.zzz.oauth2;

import com.zzz.security.CustomAuthenticationFailureHandler;
import com.zzz.security.JsonAccessDeniedHandler;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;

/**
 * @author Chunsheng.Zhang
 * @date 2021/5/12 11:08
 * @description : 创建资源服务
 */
@Configuration
@EnableResourceServer//表示开启资源服务
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
    @Override
    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
        resources.resourceId("rid");


    }

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                //要访问  /user/**  资源，必须拥有  user:sel   权限
                .antMatchers("/user/**").hasAuthority("user:sel")
                //要访问  /menu/**  资源，必须拥有  user:sel或者menu:sel   权限
                .antMatchers("/menu/**").hasAnyAuthority("user:sel","menu:sel")
                //其他的接口必须认证后才能访问
                .anyRequest().authenticated();

    }
}
